Cisco AAA/Identity/Nac :: Replacement Of ACS 1121
Jun 7, 2013
I have a clarification related with ACS 1121. Client needs a solution for ACS feature, instead of investing on ISE Base, is there any model exists as ACS appliance only. I believe ACS 1121 is going to be EOS and it says SNS 3415 is the replacement model .
What I am confused is , It is an ISE as well as ACS and there is separate licensing for ISE (as base and advanced). What should i do , if i need to select SNS 3415 as ACS appliance ? is it built in or should i need to add anything extra ?
View 3 Replies
ADVERTISEMENT
May 31, 2013
It's impossible to use acs 5.2 recovery DVD to cisco 1121 acs 5.1?
View 7 Replies
View Related
May 15, 2011
integrated the Cisco ACS 1121 with 5.1 and AD and been able to use multiple policies to permit or deny access to different NDG? I am able to authenticate agains AD but I am having an issue with getting the policies to use the user memberOf attribute to set access levels.
View 1 Replies
View Related
Jan 6, 2012
It has been more than a year since a customer bought a Cisco ACS 1121. It was unpacked then and the PAK is lost, no where to be found. Is there any way to retrive the lost PAK ?
View 19 Replies
View Related
Jun 19, 2012
For our client, we have two ACS 5.0 deployed in primary and secondary mode.Primary ACS is failed and we are going to replace the hardware.Problem is we dont have backup of primary ACS and have backup of only secondary ACS.Also there is certificate used for authentication of wireless users.In this case how we can proceed for for the restore.
If we promote secondary ACS to primary and join the New ACS as secondary,will the certificate also synchronised? or we need to create CSR and obtain the certificate for new ACS?
View 1 Replies
View Related
May 2, 2011
Newly shipped cisco ACS appliance 1121 has been shipped with ACS version 5.0 , I need to downgrade to ACS version 4.2,0 , I could not see recovery CD or DVD for acs 4.2 along with shipment , Is ACS 1121 appliance is comptaible to acs 4.2.0 version ? .
My ACS BOM details
CSACS-1121-K9
ACS 1121 Appliance With 5.1 SW And Base license
[code]....
View 2 Replies
View Related
Mar 27, 2011
how to configure LAN teaming in Cisco ACS 1121. My requirement is to have virtual IP in the server with two physical IPs in the available 2 interface in the server.
View 1 Replies
View Related
Mar 26, 2012
I am trying to add ACS 1121 (ver 5.3) to monitoring and seems that MIB are missing. Need MIB for this device which I can use in monitoring tool.
View 1 Replies
View Related
Aug 13, 2012
I have 5 installations of ACS appliances (ACS 1121 running ACS 5.3). Is there a way to monitor them via SNMP? The AD client keeps dying on one of them, and even with the newest patch it's not up. Also, i want to monitor them up/down, CPU, memory... basic network monitoring to make sure my devices are healthy.
Any one know if that can be configured? I figured i'd ask here before opening a TAC.
View 2 Replies
View Related
Aug 11, 2011
Is it possible to have Dual NIC on ACS v5.2 such as teaming or any else??
I am thinking of connecting the two NIC on the CSACS-1121-K9 appliance to two switches on the same network, but wondering if it will be possible or not.
View 1 Replies
View Related
Jun 3, 2012
I have an issue with applying a patch to an ACS 1121 appliance running version 5.2.0.26. I have 5 units that needed updating and the first one is the unit with the problem. The subsequent ones updated with no issues.
When I do a show version the 5.2.0.26.10 does not show. When I try to do a reinstall I get back patch all ready exists. When I try to do an uninstall I get back patch does not exist.
Is there a command can wipe out patch 10, so I can start over? The CLI factory-reset only wipes the web configuration not the running-config or IOS.
View 7 Replies
View Related
May 29, 2013
My customer has an ACS 1121 version 5.4. Now we want to install a secondary ACS 1121.
View 2 Replies
View Related
Jan 26, 2013
I know ACS 5 lacks the IP Pools of earlier ACS versions. I'm looking at a 4 to 5 migration and was thinking of just configuring the IP Pools on the router ("ip pool local" etc) and sending back a RADIUS Cisco Attribute pair with the name of the pool. (Seemed like a neat fix, needs no extra kit, etc.)
I could have sworn that attribute pair existed... but I can't find it in ACS5! What's it's name?! Where is it!? Or have I gone mad!? (And, if I have gone mad, how would you go about fixing it?)
View 2 Replies
View Related
Oct 31, 2012
Im installing & configuring a new ACS 1121. Ive updated to version 5.3 with patch:This temporarily solves my Active Directory problem but i still would like to have the NTP server pointing to the same reference as the Active Directory.
View 1 Replies
View Related
Jan 11, 2012
I have to migrate two appliances ACS SE 1112 under 4.0.1 to new two appliances ACS SE 1121 under 5.2 version.I would like to clarify the procedure to do it by minimizing down time impact.I saw there are Migration Utility and Import Tool but do I need an Intermediate Windows Server to do this migration ?
View 1 Replies
View Related
May 7, 2013
Our ACS appliance (Cisco 1113) has died and it is not cost effective to get it replaced as it will only be used until the end of this year.Is it possible to get the tacacs software to install on a Windows server? How do I go about sourcing the software as the original documentation is no longer available? Will the fact that I have a defunct appliance be sufficient proof to get a copy of the software? We are currently running v4.1
View 1 Replies
View Related
Jun 20, 2012
I have an ACS Server 5.1 which is used to authenticate my cisco and non-cisco devices. however when I take report on my authentications, the time shown in the report is wrong. However, when I take my mouse pointer to the report , the correct time is highlighted.
View 4 Replies
View Related
May 29, 2013
We upgraded a CSACS-1121 from ACS 5.2 to ACS 5.4 with CLI Application upgrade ACS_5.4.0.46.0a.tar.gz FTP After ACS reboot, services never start... After 15 hours, we always get same message:
ACS/admin# show application status acs
Application initializing...
Status is not yet available.
Please check again in a minute.
We installed patch 5-4-0-46-2.tar.gpg but we got same issue for 2 hours ...What could I do?
View 4 Replies
View Related
Aug 21, 2012
We have 2 CSACS 1121 with Cisco ACS 5.2.0.26.10 The primary server manages 20000+ authentications per day. Its memory utilization increases everyday. It is now at 83% , there a limit?,What will happen when memory utilization reach this limit?,What can we do to purge memory utilization? (reboot, service restart.
View 11 Replies
View Related
Apr 13, 2011
Is it possible to edit the hosts file on an ACS 1121 server running ACS 5.2? Our problem is we have a single domain with multiple domain controllers at different sites. So when the ACS server tries connecting to the domain it randomly picks a domain controller which it can't connect to thus causing it to fail.
View 5 Replies
View Related
Mar 26, 2012
I am configuring new ACS 1121 appliance with version 5.3 and wanted to know how to configure Remote Database settings in ACS5.3 Is that necessary to configure that option ?
Also one more thing I can see that ACS 5.3 generates lots of logs is there any solution to reduce such logs. It seems many unuseful logs which are system related are getting logged into device which might no be good for memory requirements of device.
View 6 Replies
View Related
Jun 4, 2011
I have ACS1121 running version 5.1.0.44.6 on my network environement , I need to enable account lock-out for internal user during failed attempt for more than 8 times , How to achieve this . I could see account lock-out for administrator user account , not for internal user .
View 2 Replies
View Related
Jul 24, 2011
We are currently evaluating a ACS 1121 running 5.2, we are trying to configure this to Authenticate eap-peap requests.
Our users will be using credentials in a username@example.com format, if the server sees a request using username@anotherrealm.com then it would forward the request to a external proxy radius server, if the server saw a request for our domain it would strip off the @example.com part and authenticate against AD.
Im finding it hard locating documentation to tell the server if a request comes from a NAS using username@example.com then strip @example.com and authenticate username against AD.
View 4 Replies
View Related
Apr 14, 2013
We have had an active ACS unit for many years now, and we've added a second one, both are 1121 Appliances. The newer one came with 5.4, so we upgraded the older one to 5.4.
We setup replication between the two, with the newer one primary and the older one secondary. Problem is, windows based clients are unable to authenticate to the older ACS appliance. The only problem we can see is that it indicates that adclient is not running, under Monitoring & Troubleshooting, ACS Health Instance Summary.
So... been trying to figure out how to correct this, yet have been hard pressed to find a knowledgebase article that works. So far, Cisco hasn't added my smartNet on the new box so I can get some support?
View 6 Replies
View Related
Sep 10, 2012
Is it possible to upgrade the CSACS-1121-UP-K9 to be a non upgrade part? We were going to upgrade from a Windows 4.x to the above Appliance (version 5.x) but there is now a reason to keep the old Windows version running therefore we cannot give the new Appliance the old ACS's licenses?!So we should have (with hindsight) bought a fresh version of the ACS 5.x rather than an upgrade.
View 1 Replies
View Related
Jan 18, 2011
Customer is using AIM-ATM AIM with a VWIC2-1MFT-T1/E1 card installed, and using the E1s in ATM mode.They have recently migrated to ISRG G2, but; ISR G2 (2911) dosen't support AIM Modules, and there is no relevant module for ATM.So is there anything we can do to accomplish same functionality on ISR G2 ?
View 1 Replies
View Related
May 1, 2012
I wonder if you can migrate the cisco ap 1121 by WCS, could not find any specific documentation.
View 3 Replies
View Related
Jul 1, 2012
How to know the Red Hat OS version in the ACS 1121 appliance?
View 1 Replies
View Related
Nov 28, 2010
I have a problem upgrading an appliance CSACS 1121 from version 5.1 to 5.2 because restore DVD has image of 5.1 not 5.2 and in cisco.com appears only two files 5.2-0-26-1.tar.gpg and ACS_v5.2.0.26.iso, the first image is a patch and the second I'm not sure if is image for version 5.2, in case if appropriate which would be the correct commands to perform the upgrade using CLI.
View 4 Replies
View Related
Jul 30, 2011
The user "shreedhar" is getting authenticated locally and not through TACACS+ (Cisco ACS 1121 appliance running ACS 5.1).
In the switch, after entering credentials, the switch says, "Authentication failed - login using local mode". (Not the exact message but close enough!).
In ACS 5.1 -> Monitoring and Reports->Dashboard->My Favorite Reports->Authentications-TACACS+, I am getting the following error, "13011 Invalid TACACS+ request packet - possibly mismatched Shared Secrets".
Configuration in switch is as follows:
feature tacacs+
username admin password 5 $1$joEvYokP$5wZ1mtpBlxuoKMEWbFzRY1 role network-adminusername shreedhar password 5 $1$x8u5N4IR$NbVcY1u6CuoXYkMgXs60l/ role network-admin
tacacs-server key 7 "Ti!23456"ip tacacs source-interface loopback0acacs-server test username demo password demo123 idle-time 3 tacacs-server timeout 10tacacs-server deadtime 5tacacs-server host 192.168.31.11 key 7
[code]....
Is #the encrypted TACACS+ shared secret key from switch not being decrypted by ACS 5.1 as it requires a clear-text password? Could it be the reason for the above error?
View 1 Replies
View Related
Jul 1, 2012
I'm looking to upgrade our main router/firewall with something that has more throughput. This unit has 2 DMZ zones, internal switch and 2xWAN connections which is pretty handy as I'm utilizing all of them.How to resolve the issue of having a firewall and router in one device,What would be the replacement solution if I were to decide for Cisco solution? What is the best practice?
View 3 Replies
View Related
Jan 27, 2013
I would like to ask if what is the replacement for RV016? Is there any on the ISR G2 that can be set as a mulit-WAN router? Meaning can handle for more than two WAN connections.
View 2 Replies
View Related
Aug 12, 2011
DLINK RMA service is worst I have ever experienced.I sent my defective DLINK DIR-655 router to RMA department about 3 weeks ago, and finally got the replacement today. However, can you believe the replacement from RMA is also defective, not connecting Internet at all? After spending about 1 hour with technical support again to confirm the replacement is still defective, I was told to request another RMA. Should DLINK expect me to spend another $10 shipping fee and wait for another 3 week for another replacement because of a mistake made by DLINK RMA service?
View 7 Replies
View Related